1996-04-11 - Re: Bank information protected by 40-bit encryption….

Header Data

From: Jeff Weinstein <jsw@netscape.com>
To: “Daniel R. Oelke” <droelke@rdxsunhost.aud.alcatel.com>
Message Hash: 486a9abcdd23cbbc6a8604c0712aa4fc12bd1f3f95711f49cb7db2bc7cc155df
Message ID: <316CACF9.354D@netscape.com>
Reply To: <9604101921.AA25061@spirit.aud.alcatel.com>
UTC Datetime: 1996-04-11 17:15:29 UTC
Raw Date: Fri, 12 Apr 1996 01:15:29 +0800

Raw message

From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 12 Apr 1996 01:15:29 +0800
To: "Daniel R. Oelke" <droelke@rdxsunhost.aud.alcatel.com>
Subject: Re: Bank information protected by 40-bit encryption....
In-Reply-To: <9604101921.AA25061@spirit.aud.alcatel.com>
Message-ID: <316CACF9.354D@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Daniel R. Oelke wrote:
> A brief once over shows that it requires Netscape 2.0 or
> better so you will have encryption, but it does not warn you
> when you are using only a 40-bit session key vs. a 128-bit key.
> (Netscape wizards - is there a way that the server can detect
>  this so that a warning message could be put up?)

  There is an environment variable called HTTPS_KEYSIZE that
is passed to cgi's by the HTTP server.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.





Thread